< prev index next >

src/java.security.jgss/share/classes/sun/security/krb5/internal/EncKDCRepPart.java

Print this page




  14  * accompanied this code).
  15  *
  16  * You should have received a copy of the GNU General Public License version
  17  * 2 along with this work; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  19  *
  20  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  21  * or visit www.oracle.com if you need additional information or have any
  22  * questions.
  23  */
  24 
  25 /*
  26  *
  27  *  (C) Copyright IBM Corp. 1999 All Rights Reserved.
  28  *  Copyright 1997 The Open Group Research Institute.  All rights reserved.
  29  */
  30 
  31 package sun.security.krb5.internal;
  32 
  33 import sun.security.krb5.*;

  34 import sun.security.util.*;
  35 import java.util.Vector;
  36 import java.io.IOException;
  37 import java.math.BigInteger;
  38 
  39 /**
  40  * Implements the ASN.1 EncKDCRepPart type.
  41  *
  42  * <pre>{@code
  43  * EncKDCRepPart          ::= SEQUENCE {
  44  *      key               [0] EncryptionKey,
  45  *      last-req          [1] LastReq,
  46  *      nonce             [2] UInt32,
  47  *      key-expiration    [3] KerberosTime OPTIONAL,
  48  *      flags             [4] TicketFlags,
  49  *      authtime          [5] KerberosTime,
  50  *      starttime         [6] KerberosTime OPTIONAL,
  51  *      endtime           [7] KerberosTime,
  52  *      renew-till        [8] KerberosTime OPTIONAL,
  53  *      srealm            [9] Realm,
  54  *      sname             [10] PrincipalName,
  55  *      caddr             [11] HostAddresses OPTIONAL,
  56  *      encrypted-pa-data [12] SEQUENCE OF PA-DATA OPTIONAL
  57  * }
  58  * }</pre>
  59  *
  60  * <p>
  61  * This definition reflects the Network Working Group RFC 4120
  62  * specification available at
  63  * <a href="http://www.ietf.org/rfc/rfc4120.txt">
  64  * http://www.ietf.org/rfc/rfc4120.txt</a>.
  65  */
  66 public class EncKDCRepPart {
  67 
  68     public EncryptionKey key;
  69     public LastReq lastReq;
  70     public int nonce;
  71     public KerberosTime keyExpiration; //optional
  72     public TicketFlags flags;
  73     public KerberosTime authtime;
  74     public KerberosTime starttime; //optional
  75     public KerberosTime endtime;
  76     public KerberosTime renewTill; //optional
  77     public PrincipalName sname;
  78     public HostAddresses caddr; //optional
  79     public PAData[] pAData; //optional
  80     public int msgType; //not included in sequence
  81 
  82     public EncKDCRepPart(
  83             EncryptionKey new_key,
  84             LastReq new_lastReq,
  85             int new_nonce,
  86             KerberosTime new_keyExpiration,
  87             TicketFlags new_flags,
  88             KerberosTime new_authtime,
  89             KerberosTime new_starttime,
  90             KerberosTime new_endtime,
  91             KerberosTime new_renewTill,
  92             PrincipalName new_sname,
  93             HostAddresses new_caddr,
  94             PAData[] new_pAData,
  95             int new_msgType) {
  96         key = new_key;
  97         lastReq = new_lastReq;
  98         nonce = new_nonce;
  99         keyExpiration = new_keyExpiration;
 100         flags = new_flags;
 101         authtime = new_authtime;
 102         starttime = new_starttime;
 103         endtime = new_endtime;
 104         renewTill = new_renewTill;
 105         sname = new_sname;
 106         caddr = new_caddr;
 107         pAData = new_pAData;
 108         msgType = new_msgType;
 109     }
 110 
 111     public EncKDCRepPart() {
 112     }
 113 
 114     public EncKDCRepPart(byte[] data, int rep_type)
 115             throws Asn1Exception, IOException, RealmException {
 116         init(new DerValue(data), rep_type);
 117     }
 118 
 119     public EncKDCRepPart(DerValue encoding, int rep_type)
 120             throws Asn1Exception, IOException, RealmException {
 121         init(encoding, rep_type);
 122     }
 123 
 124     /**
 125      * Initializes an EncKDCRepPart object.
 126      *
 127      * @param encoding a single DER-encoded value.


 146         }
 147         key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
 148         lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
 149         subDer = der.getData().getDerValue();
 150         if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
 151             nonce = subDer.getData().getBigInteger().intValue();
 152         } else {
 153             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
 154         }
 155         keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
 156         flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
 157         authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
 158         starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
 159         endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
 160         renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
 161         Realm srealm = Realm.parse(der.getData(), (byte) 0x09, false);
 162         sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false, srealm);
 163         if (der.getData().available() > 0) {
 164             caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
 165         }
 166         if (der.getData().available() > 0) {
 167             pAData = PAData.parseSequence(der.getData(), (byte) 0x0C, true);
 168         }
 169         // We observe extra data from MSAD
 170         /*if (der.getData().available() > 0) {
 171             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
 172         }*/
 173     }
 174 
 175     /**
 176      * Encodes an EncKDCRepPart object.
 177      * @param rep_type type of encrypted reply message.
 178      * @return byte array of encoded EncKDCRepPart object.
 179      * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
 180      * @exception IOException if an I/O error occurs while reading encoded data.
 181      */
 182     public byte[] asn1Encode(int rep_type) throws Asn1Exception,
 183             IOException {
 184         DerOutputStream bytes;
 185         DerOutputStream temp = new DerOutputStream();
 186         DerOutputStream out = new DerOutputStream();
 187         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 188                 true, (byte) 0x00), key.asn1Encode());
 189         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 190                 true, (byte) 0x01), lastReq.asn1Encode());
 191         temp.putInteger(BigInteger.valueOf(nonce));
 192         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 193                 true, (byte) 0x02), temp);
 194 
 195         if (keyExpiration != null) {
 196             out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 197                     true, (byte) 0x03), keyExpiration.asn1Encode());
 198         }
 199         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 200                 true, (byte) 0x04), flags.asn1Encode());
 201         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 202                 true, (byte) 0x05), authtime.asn1Encode());
 203         if (starttime != null) {
 204             out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 205                     true, (byte) 0x06), starttime.asn1Encode());
 206         }
 207         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 208                 true, (byte) 0x07), endtime.asn1Encode());
 209         if (renewTill != null) {
 210             out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 211                     true, (byte) 0x08), renewTill.asn1Encode());
 212         }
 213         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 214                 true, (byte) 0x09), sname.getRealm().asn1Encode());
 215         out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 216                 true, (byte) 0x0A), sname.asn1Encode());
 217         if (caddr != null) {
 218             out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 219                     true, (byte) 0x0B), caddr.asn1Encode());
 220         }
 221         if (pAData != null && pAData.length > 0) {
 222             temp = new DerOutputStream();
 223             for (int i = 0; i < pAData.length; i++) {
 224                 temp.write(pAData[i].asn1Encode());
 225             }
 226             bytes = new DerOutputStream();
 227             bytes.write(DerValue.tag_SequenceOf, temp);
 228             out.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 229                     true, (byte) 0x0C), bytes);
 230         }
 231         //should use the rep_type to build the encoding
 232         //but other implementations do not; it is ignored and
 233         //the cached msgType is used instead
 234         temp = new DerOutputStream();
 235         temp.write(DerValue.tag_Sequence, out);
 236         bytes = new DerOutputStream();
 237         bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
 238                 true, (byte) msgType), temp);
 239         return bytes.toByteArray();
 240     }
 241 }


  14  * accompanied this code).
  15  *
  16  * You should have received a copy of the GNU General Public License version
  17  * 2 along with this work; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  19  *
  20  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  21  * or visit www.oracle.com if you need additional information or have any
  22  * questions.
  23  */
  24 
  25 /*
  26  *
  27  *  (C) Copyright IBM Corp. 1999 All Rights Reserved.
  28  *  Copyright 1997 The Open Group Research Institute.  All rights reserved.
  29  */
  30 
  31 package sun.security.krb5.internal;
  32 
  33 import sun.security.krb5.*;
  34 import sun.security.krb5.EncryptionKey;
  35 import sun.security.util.*;
  36 import java.util.Vector;
  37 import java.io.IOException;
  38 import java.math.BigInteger;
  39 
  40 /**
  41  * Implements the ASN.1 EncKDCRepPart type.
  42  *
  43  * <pre>{@code
  44  * EncKDCRepPart        ::= SEQUENCE {
  45  *      key             [0] EncryptionKey,
  46  *      last-req        [1] LastReq,
  47  *      nonce           [2] UInt32,
  48  *      key-expiration  [3] KerberosTime OPTIONAL,
  49  *      flags           [4] TicketFlags,
  50  *      authtime        [5] KerberosTime,
  51  *      starttime       [6] KerberosTime OPTIONAL,
  52  *      endtime         [7] KerberosTime,
  53  *      renew-till      [8] KerberosTime OPTIONAL,
  54  *      srealm          [9] Realm,
  55  *      sname           [10] PrincipalName,
  56  *      caddr           [11] HostAddresses OPTIONAL

  57  * }
  58  * }</pre>
  59  *
  60  * <p>
  61  * This definition reflects the Network Working Group RFC 4120
  62  * specification available at
  63  * <a href="http://www.ietf.org/rfc/rfc4120.txt">
  64  * http://www.ietf.org/rfc/rfc4120.txt</a>.
  65  */
  66 public class EncKDCRepPart {
  67 
  68     public EncryptionKey key;
  69     public LastReq lastReq;
  70     public int nonce;
  71     public KerberosTime keyExpiration; //optional
  72     public TicketFlags flags;
  73     public KerberosTime authtime;
  74     public KerberosTime starttime; //optional
  75     public KerberosTime endtime;
  76     public KerberosTime renewTill; //optional
  77     public PrincipalName sname;
  78     public HostAddresses caddr; //optional

  79     public int msgType; //not included in sequence
  80 
  81     public EncKDCRepPart(
  82             EncryptionKey new_key,
  83             LastReq new_lastReq,
  84             int new_nonce,
  85             KerberosTime new_keyExpiration,
  86             TicketFlags new_flags,
  87             KerberosTime new_authtime,
  88             KerberosTime new_starttime,
  89             KerberosTime new_endtime,
  90             KerberosTime new_renewTill,
  91             PrincipalName new_sname,
  92             HostAddresses new_caddr,

  93             int new_msgType) {
  94         key = new_key;
  95         lastReq = new_lastReq;
  96         nonce = new_nonce;
  97         keyExpiration = new_keyExpiration;
  98         flags = new_flags;
  99         authtime = new_authtime;
 100         starttime = new_starttime;
 101         endtime = new_endtime;
 102         renewTill = new_renewTill;
 103         sname = new_sname;
 104         caddr = new_caddr;

 105         msgType = new_msgType;
 106     }
 107 
 108     public EncKDCRepPart() {
 109     }
 110 
 111     public EncKDCRepPart(byte[] data, int rep_type)
 112             throws Asn1Exception, IOException, RealmException {
 113         init(new DerValue(data), rep_type);
 114     }
 115 
 116     public EncKDCRepPart(DerValue encoding, int rep_type)
 117             throws Asn1Exception, IOException, RealmException {
 118         init(encoding, rep_type);
 119     }
 120 
 121     /**
 122      * Initializes an EncKDCRepPart object.
 123      *
 124      * @param encoding a single DER-encoded value.


 143         }
 144         key = EncryptionKey.parse(der.getData(), (byte) 0x00, false);
 145         lastReq = LastReq.parse(der.getData(), (byte) 0x01, false);
 146         subDer = der.getData().getDerValue();
 147         if ((subDer.getTag() & (byte) 0x1F) == (byte) 0x02) {
 148             nonce = subDer.getData().getBigInteger().intValue();
 149         } else {
 150             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
 151         }
 152         keyExpiration = KerberosTime.parse(der.getData(), (byte) 0x03, true);
 153         flags = TicketFlags.parse(der.getData(), (byte) 0x04, false);
 154         authtime = KerberosTime.parse(der.getData(), (byte) 0x05, false);
 155         starttime = KerberosTime.parse(der.getData(), (byte) 0x06, true);
 156         endtime = KerberosTime.parse(der.getData(), (byte) 0x07, false);
 157         renewTill = KerberosTime.parse(der.getData(), (byte) 0x08, true);
 158         Realm srealm = Realm.parse(der.getData(), (byte) 0x09, false);
 159         sname = PrincipalName.parse(der.getData(), (byte) 0x0A, false, srealm);
 160         if (der.getData().available() > 0) {
 161             caddr = HostAddresses.parse(der.getData(), (byte) 0x0B, true);
 162         }



 163         // We observe extra data from MSAD
 164         /*if (der.getData().available() > 0) {
 165             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
 166         }*/
 167     }
 168 
 169     /**
 170      * Encodes an EncKDCRepPart object.
 171      * @param rep_type type of encrypted reply message.
 172      * @return byte array of encoded EncKDCRepPart object.
 173      * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
 174      * @exception IOException if an I/O error occurs while reading encoded data.
 175      */
 176     public byte[] asn1Encode(int rep_type) throws Asn1Exception,
 177             IOException {

 178         DerOutputStream temp = new DerOutputStream();
 179         DerOutputStream bytes = new DerOutputStream();
 180         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 181                 true, (byte) 0x00), key.asn1Encode());
 182         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 183                 true, (byte) 0x01), lastReq.asn1Encode());
 184         temp.putInteger(BigInteger.valueOf(nonce));
 185         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 186                 true, (byte) 0x02), temp);
 187 
 188         if (keyExpiration != null) {
 189             bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 190                     true, (byte) 0x03), keyExpiration.asn1Encode());
 191         }
 192         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 193                 true, (byte) 0x04), flags.asn1Encode());
 194         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 195                 true, (byte) 0x05), authtime.asn1Encode());
 196         if (starttime != null) {
 197             bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 198                     true, (byte) 0x06), starttime.asn1Encode());
 199         }
 200         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 201                 true, (byte) 0x07), endtime.asn1Encode());
 202         if (renewTill != null) {
 203             bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 204                     true, (byte) 0x08), renewTill.asn1Encode());
 205         }
 206         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 207                 true, (byte) 0x09), sname.getRealm().asn1Encode());
 208         bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 209                 true, (byte) 0x0A), sname.asn1Encode());
 210         if (caddr != null) {
 211             bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT,
 212                     true, (byte) 0x0B), caddr.asn1Encode());
 213         }










 214         //should use the rep_type to build the encoding
 215         //but other implementations do not; it is ignored and
 216         //the cached msgType is used instead
 217         temp = new DerOutputStream();
 218         temp.write(DerValue.tag_Sequence, bytes);
 219         bytes = new DerOutputStream();
 220         bytes.write(DerValue.createTag(DerValue.TAG_APPLICATION,
 221                 true, (byte) msgType), temp);
 222         return bytes.toByteArray();
 223     }
 224 }
< prev index next >